"DrHok" wrote : I would like to change an existing SOAP interface to a JBoss(4.0.2)-based webservice from HTTP to HTTPS, in order to ensure both privacy and integrity of data. | | But how do I do it?
Actually it turned out to be easier than I thought (on JBoss 4.0.2): 1. Uncomment and edit the SSL/TLS Connector section in server/default/deploy/jbossweb-tomcat55.sar/server.xml. 2. Generate a server key pair using keytool, see http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/keytool.html. 3. Export the public key and import it on the client, also using keytool. Then, if the ws client uses https://server:8443/... instead of http://server:8080/..., SOAP goes over TLS. The WSDL doesn't need to know about TLS. Note: I think my description of activating TLS is accurate, but I can't guarantee that it works. I guessed the first two steps by diffing a virgin jboss-4.0.2.zip with a running AS where TLS was activated by someone else. I might have missed some details of the configuration. "DrHok" wrote : Will this cause a significant delay and load on the AS? I made a performance comparison between TLS on and off, and surprisingly the effect of TLS is really small. Neither the response times nor the load on the AS changed much (roughly +10%). However, the network latency might increase if client and server are further apart in terms of IP hops (I tried up to 3), because sending a SOAP request and receiving a response over TLS requires 6 packet round-trips instead of 3 without TLS. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3966920#3966920 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3966920 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
